The obvious answer is right, passwords should be as secure as possible, but secure must take into account the ease of use for the human as well as length, character set, and randomness.
I think you're confusing how secure a password is and how secured a password is. IOW, how hard a password is to guess and how it is stored when it is not used. Machines have no trouble using 512-, 1024- or 2048-bit secret keys let alone much shorter passwords, so in that vein, how long a secret key would you consider to be as secure as possible?
Note I didn't say uncommon, I said narrow. The referenced speaker is "clubbing baby seals" as one of my professors liked to call it. He asked a simple question with an obvious answer, and then reframed the question to make his (non-obvious) answer correct.
The obvious answer is obviously wrong, because there is no limit on how strong and secure one can make one's passwords and policies (e.g. 500 characters from base64 in equal amounts without patterns changed every 10 minutes). The limit has always been the usability of the resulting system, which seems to be forgotten all too often.
You know, I don't believe you. With the amount of context assist and refactoring support a modern Java development environment like Eclipse has, I find that it feels like I'm writing 1/10th of the code that appears on the screen. Perhaps a more fair comparison would be to compare the number of keypresses needed to achieve a particular goal.
Then why aren't those sick minded people prosecuted for posting those images for other sick minded people to enjoy? Oh, that's right, usenet wasn't designed with that in mind, and that's just the way you like it. IHBT
You missed the point, which is: how does one make a living writing GPL software? RMS has written GPL software and founded the GPL movement, so he is in perfect position show and tell. He tells: "by offering paid support". He shows: by giving speeches. Those are not the same, so this is very much a case of DAISNAID.
Now let's go to Microsoft Windows. In the 80's, MS-DOS costed around $40. The price for Windows Vista Ultimate is $319.95. Eight times more. Connect the dots, and guess how much Microsoft Windows 7 will cost when it's out.
First, the value of 40$ in 1981 is 99$ today adjusted for inflation. Second, the first version of MS-DOS was built off of Quick and Dirty Operating System (QDOS), a crappy OS even by contemporary standards, so a better comparison would be against Vista Home Basic. Third, the cheapest Vista Home version in China is 66$.
66$ is less than 99$. So, would you like to try again?
40$ in 1981 is 99$ in 2007
You can simulate such a programming environment today simply by randomly reordering all lines in a block that are specifically marked not to be reordered. That there aren't such open source tools in use tells that the benefit is not worth the cost.
Yes, Stallman wrote some programs before, but I doubt if there is anything really new he has done lately and he doesn't even make his main living from that anyway.
#4: Ad hominem attack. Having writen code recently says nothing about the validity of his claims.
The point is, Stallman wrote some Open Source code, yet he makes his living not by supporting his software but by promoting Open Source. He doesn't lead by example, he doesn't practice what he preaches, he goes "do as I say, not as I do" and thus he undermines his message. Don't tell us, RMS, show us.
They setup a scenario where every call gives the callee a small payment, then find this weakness in it:
"Let us even assume, that Payment at Risk is used for every call. Even In that case an attacker could circumvent it, by impersonating as another user, so that he can establish calls and shift the costs on to ânormalâ customers."
Umm, if they could do that, wouldn't it be more profitable just to impersonate others and call yourself, collecting all their money?
What. Multitouch is like using your LCD as a mouse pad for two mice. Except the mice have only one button and you have to carry the LCD with your other hand.
And I'd like to see you play Doom with a D-pad. You do realize that 15 million people played Doom using arrow keys?
In Doom, mouse wasn't needed because you couldn't aim up or down and therefore WASD wasn't needed either. You had your right hand on arrow keys to control movement and your left hand on Shift, Ctrl, Alt, Space to shoot, strafe, run and use.
for business advantage. There, quoted the key point for you. Google doesn't leverage a business advantage by setting up boxes running Apache because everyone can do that. Their business advantage is being able to scale, which they've achieved through the use of proprietary software on their back-end.
You nowhere near describing a stackbased cpu with the java language, it's not low level, ok? Ummm, the Java byte-code is the embodiment of a stack based language, what with its operand stack and stack frames. You would have a point, if you had insisted on a register-based cpu...
if you ever done low lewel you know what I mean I haven't written, but I have read enough assembler to see a disturbing amount of similarities: unconditional jumps, labels, bitwise arithmetic operations, reading and writing to registers (local variables). Sure, there is more freedom when it comes to declaring the operands for any instruction. Sure, the JVM checks the bounds of your array access. But compared to a modern CPU, I'd imagine that's peanuts.
In computer science, a low-level programming language is a language that provides little or no abstraction from a computer's microprocessor. That clearly doesn't describe Java. From a 100% Pure Java viewpoint, the JVM is the microprocessor. Within environments like Jazelle, that true even in practice.
Java is a crappy low-level language Java's a low level language? That's news to me. Well, yeah, before Java 5 with its generics, autoboxing and the rest, that was pretty much the case. Much like C is a low-level language to produce assembler code, Java was (and mostly still is) a low-level language to produce JVM byte-code. If you take ever take a look at results of javap -c on a simple method you'll see what I mean.
Is worse hardware support, incomplete software and "it's up to you now to make this the year of Linux on desktop" better than what we had? Instead of a piece of hardware that just works?
Slashdot Mirror
The obvious answer is right, passwords should be as secure as possible, but secure must take into account the ease of use for the human as well as length, character set, and randomness.
I think you're confusing how secure a password is and how secured a password is. IOW, how hard a password is to guess and how it is stored when it is not used. Machines have no trouble using 512-, 1024- or 2048-bit secret keys let alone much shorter passwords, so in that vein, how long a secret key would you consider to be as secure as possible?
Except KDE 4 is a complete rewrite, so 4.0 makes complete sense. What would you suggest? 4.-1?
KDE 4.0alpha-2008xxxx-yyyy would get the point across, I would think.
Note I didn't say uncommon, I said narrow. The referenced speaker is "clubbing baby seals" as one of my professors liked to call it. He asked a simple question with an obvious answer, and then reframed the question to make his (non-obvious) answer correct.
The obvious answer is obviously wrong, because there is no limit on how strong and secure one can make one's passwords and policies (e.g. 500 characters from base64 in equal amounts without patterns changed every 10 minutes). The limit has always been the usability of the resulting system, which seems to be forgotten all too often.
You know, I don't believe you. With the amount of context assist and refactoring support a modern Java development environment like Eclipse has, I find that it feels like I'm writing 1/10th of the code that appears on the screen. Perhaps a more fair comparison would be to compare the number of keypresses needed to achieve a particular goal.
Then why aren't those sick minded people prosecuted for posting those images for other sick minded people to enjoy? Oh, that's right, usenet wasn't designed with that in mind, and that's just the way you like it. IHBT
You missed the point, which is: how does one make a living writing GPL software? RMS has written GPL software and founded the GPL movement, so he is in perfect position show and tell. He tells: "by offering paid support". He shows: by giving speeches. Those are not the same, so this is very much a case of DAISNAID.
Anyone who has used closed software punch RMS in the face recently? If so, which one did he find more offensive?
Now let's go to Microsoft Windows. In the 80's, MS-DOS costed around $40. The price for Windows Vista Ultimate is $319.95. Eight times more. Connect the dots, and guess how much Microsoft Windows 7 will cost when it's out.
First, the value of 40$ in 1981 is 99$ today adjusted for inflation. Second, the first version of MS-DOS was built off of Quick and Dirty Operating System (QDOS), a crappy OS even by contemporary standards, so a better comparison would be against Vista Home Basic. Third, the cheapest Vista Home version in China is 66$. 66$ is less than 99$. So, would you like to try again? 40$ in 1981 is 99$ in 2007
You can simulate such a programming environment today simply by randomly reordering all lines in a block that are specifically marked not to be reordered. That there aren't such open source tools in use tells that the benefit is not worth the cost.
Yes, Stallman wrote some programs before, but I doubt if there is anything really new he has done lately and he doesn't even make his main living from that anyway.
#4: Ad hominem attack. Having writen code recently says nothing about the validity of his claims.
The point is, Stallman wrote some Open Source code, yet he makes his living not by supporting his software but by promoting Open Source. He doesn't lead by example, he doesn't practice what he preaches, he goes "do as I say, not as I do" and thus he undermines his message. Don't tell us, RMS, show us.
You're really terrible at this, aren't you?
They setup a scenario where every call gives the callee a small payment, then find this weakness in it:
"Let us even assume, that Payment at Risk is used for every call. Even In that case an attacker could circumvent it, by impersonating as another user, so that he can establish calls and shift the costs on to ânormalâ customers."
Umm, if they could do that, wouldn't it be more profitable just to impersonate others and call yourself, collecting all their money?
What. Multitouch is like using your LCD as a mouse pad for two mice. Except the mice have only one button and you have to carry the LCD with your other hand.
Seems OK, but could do with more music videos.
In Doom, mouse wasn't needed because you couldn't aim up or down and therefore WASD wasn't needed either. You had your right hand on arrow keys to control movement and your left hand on Shift, Ctrl, Alt, Space to shoot, strafe, run and use.
Is worse hardware support, incomplete software and "it's up to you now to make this the year of Linux on desktop" better than what we had? Instead of a piece of hardware that just works?
I had a C64 as a kid. It was plenty educational despite there being no way to change the OS in any way, seeing as it was stored in ROM.
The poorest are already destined to low-paying service jobs. Is what Open Source promises really that much better?
Is that how FSF operates when it comes to the GNU codebase?